Rule 17a-3 |
Most members of a national securities exchange, as well as brokers and dealers, must keep current a variety of books and records that relate to their business. |
- 24/7 offline data access and search with role-based permissions for accessing archive.
|
Rule 17a-4 & NASD 3010 |
Securities dealers must implement specific, enforceable retention procedures, which include the following:
- Messages must be stored in duplicate.
- Data must be verified automatically for quality and accuracy.
- Messages must be date/time-stamped and serialized.
- A searchable index of all data must be maintained.
- Messages and indexes must be easily retrievable.
|
- Stored data is backed up and stored on fully redundant platform with 99.999% uptime SLA.
- Full-text indexing and search capability.
- All stored files and corresponding file activity are time-stamped, and auditable via Audit Log and Admin File Management.
- Configurable retention policies.
|
Investment Advisers Act of 1940 |
Hedge fund managers with assets in excess of $100M have to register with the SEC under the Investment Advisers Act of 1940, which includes provisions for securing electronic communication, including email and instant messages (same requirements as SEC 17a-4). |
- Archive and index of all relevant file types.
- Secure, permission-based sharing.
- Data is encrypted in transit and at rest.
- Versioning and full audit trail of all sharing and file management activity.
|
Rule 31a-2 of the Investment Company Act of 1940 and Rule 204-2 of the Investment Advisers Act of 1940 |
Funds and advisers can maintain all of their records in an electronic format as long as procedures are put in place to protect records from “loss, alteration, or destruction”; that access to these records is limited to certain parties; and that “any reproduction of a nonelectronic original record on electronic storage media is complete, true, and legible.” |
- Resilient storage platform with 99.999% uptime SLA.
- Role-based permissions for accessing archive.
- File access is logged and auditable.
|
Rule 17a-4 |
Records, including email messages, must be preserved at least 6 years, the first 2 in “an easily accessible place”. |
- Configurable retention and data loss prevention policies enable file retention for 6 years or longer.
- All files are easily accessible 24/7/365.
|